[***] Summary: [***]

31 new Pro sigs. CryptFile2 Ransomware, CVE-2016-9970, PowerOrtni, SpyNote RAT.

[+++]          Added rules:          [+++]

2824636 - ETPRO TROJAN Possible Malicious SSL - Default Values and Serial 0 (Ursnif CnC) (trojan.rules)
2824637 - ETPRO TROJAN Troj/Agent-APJC CnC Beacon (trojan.rules)
2824638 - ETPRO TROJAN Win32/CryptFile2 Ransomware OS Check (trojan.rules)
2824639 - ETPRO TROJAN Win32/CryptFile2 Ransomware OS Check Response (trojan.rules)
2824640 - ETPRO TROJAN APT.ZeroT CnC Beacon (trojan.rules)
2824641 - ETPRO TROJAN APT.ZeroT Receiving Config (trojan.rules)
2824642 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-01-26 1) (trojan.rules)
2824643 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-01-26 2) (trojan.rules)
2824644 - ETPRO TROJAN DNS Query to Cerber Domain (1cpy1q . top) (trojan.rules)
2824645 - ETPRO TROJAN DNS Query to Cerber Domain (16ay2s . top) (trojan.rules)
2824646 - ETPRO TROJAN DNS Query to Cerber Domain (14gmtu . top) (trojan.rules)
2824647 - ETPRO TROJAN DNS Query to Cerber Domain (15nhsf . top) (trojan.rules)
2824648 - ETPRO TROJAN Malicious SSL Certificate Detected (Gootkit C2) (trojan.rules)
2824649 - ETPRO TROJAN Malicious SSL Certificate Detected (Gootkit C2) (trojan.rules)
2824650 - ETPRO INFO Vulnerable Jupyter Notebook Banner Detected (CVE-2016-9970) (info.rules)
2824651 - ETPRO MOBILE_MALWARE SpyNote RAT Checkin (mobile_malware.rules)
2824652 - ETPRO MOBILE_MALWARE SpyNote RAT Server Response (mobile_malware.rules)
2824653 - ETPRO TROJAN PowerOrtni CnC Beacon 1 (trojan.rules)
2824654 - ETPRO TROJAN PowerOrtni CnC Beacon 2 (trojan.rules)
2824655 - ETPRO TROJAN PowerOrtni CnC Beacon 3 (trojan.rules)
2824656 - ETPRO TROJAN PowerOrtni MalDoc Retrieving PowerShell (trojan.rules)
2824657 - ETPRO CURRENT_EVENTS Successful Santander Bank Phish (BR) Jan 26 2017 (current_events.rules)
2824658 - ETPRO CURRENT_EVENTS Successful Santander Phish M1 Jan 26 2017 (current_events.rules)
2824659 - ETPRO CURRENT_EVENTS Successful Santander Phish M2 Jan 26 2017 (current_events.rules)
2824660 - ETPRO CURRENT_EVENTS Successful Santander Phish M3 Jan 26 2017 (current_events.rules)
2824661 - ETPRO CURRENT_EVENTS Successful Apple Find My iPhone Phish Jan 26 2017 (current_events.rules)
2824662 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish Jan 26 2017 (current_events.rules)
2824663 - ETPRO CURRENT_EVENTS Successful Excel Online Phish M1 Jan 26 2017 (current_events.rules)
2824664 - ETPRO CURRENT_EVENTS Excel Online Phishing Landing Jan 26 2017 (current_events.rules)
2824665 - ETPRO CURRENT_EVENTS Successful Excel Online Phish M2 Jan 26 2017 (current_events.rules)
2824666 - ETPRO CURRENT_EVENTS Successful Paypal Phish M1 Jan 26 2017 (current_events.rules)
 

Date: 
Wednesday, January 25, 2017 - 22:00